Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•18 views

CA BrightStor ARCserve Backup Media Server SUN-RPC Procedure Code Execution - Ver2 (CVE-2007-1785)

Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...

7.1CVSS8AI score0.15352EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•36 views

Novell Client NetIdentity Agent Remote Pointer Dereference Code Execution - Ver2 (CVE-2009-1350)

The Novell NetIdentity agent works with eDirectory authentication to provide background authentication to Windows Web-based applications that require eDirectory authentication, such as iPrint, Novell Portal Services, eGuide, Novell NetIdentity, ZENworks, NetStorage, and iManager. NetIdentity...

10CVSS7.5AI score0.65934EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/01/06 12:0 a.m.•30 views

Cisco Prime Data Center Network Manager processImageSave.jsp Arbitrary File Upload (CVE-2013-5486)

An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager...

2.6AI score0.75962EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/01/05 12:0 a.m.•12 views

Adobe Acrobat and Reader Memory Corruption (APSB14-28: CVE-2014-8445)

A memory corruption vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to the way Adobe Acrobat and Reader parses a malformed PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.4AI score0.08948EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/02 12:0 a.m.•7 views

Adobe Acrobat and Reader Memory Corruption (APSB13-22: CVE-2013-3352)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.9AI score0.04837EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/31 12:0 a.m.•37 views

Suspicious Javascript Containing Overly Long Strings (CVE-2013-2551)

Javascript may contain variables assigned with overly long strings. This behavior may indicate an exploitation attempt...

9.3CVSS8AI score0.74096EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/12/31 12:0 a.m.•2 views

ABB MicroSCADA Wserver Multiple Buffer Overflows

Multiple Buffer Overflow vulnerabilities have been reported in the Wserver component of ABB MicroSCADA. The vulnerabilities are due to the copying of user controlled data to stack-based buffers without size verification. A remote attacker can exploit this issue by sending a specially crafted...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/31 12:0 a.m.•32 views

Cisco Prime Data Center Network Manager FileUploadServlet Arbitrary File Upload (CVE-2013-5486; CVE-2019-1620)

An arbitrary file upload vulnerability exists in Cisco Prime Data Center Network Manager. The vulnerability is due to lack of authentication and insufficient input validation in the FileUploadServlet when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...

10CVSS9.4AI score0.8378EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2013/12/30 12:0 a.m.•7 views

Adobe Flash Player Memory Corruption (APSB13-28: CVE-2013-5332)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

9.3CVSS6.5AI score0.05378EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/30 12:0 a.m.•1 views

Microsoft IIS Short Filename Information Disclosure

An information disclosure vulnerability has been reported in Microsoft IIS. The vulnerability is due to an error in the way Microsoft IIS handles specially crafted URLs. A remote attacker can leverage this vulnerability to view undisclosed information stored on the server...

6.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/30 12:0 a.m.•31 views

Apache Solr SolrResourceLoader Directory Traversal (CVE-2013-6397)

A directory traversal vulnerability has been reported in Apache Solr. The vulnerability is due to insufficient validation of the resource paths passed to certain Solr REST services. A remote attacker can exploit this vulnerability by sending a specially crafted request to Apache Solr. Successful...

4.3CVSS6.4AI score0.56255EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/29 12:0 a.m.•6 views

Adobe Flash Player Memory Corruption (APSB13-26: CVE-2013-5329)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS6.5AI score0.05759EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/29 12:0 a.m.•1 views

JavaScript Malicious Obfuscation Techniques

Known exploits could potentially bypass security products by using JavaScript obfuscation techniques. Since the exploits are obfuscated they may not be detected by IDS and IPS systems, thus allowing attackers to successfully attack target machines...

4.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/29 12:0 a.m.•33 views

GLPI install.php Remote Command Execution (CVE-2013-5696)

A command execution vulnerability has been reported in GLPI...

6.6AI score0.07855EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2013/12/29 12:0 a.m.•29 views

Oracle Outside In Microsoft Access 1.x Parser Buffer Overflow (CVE-2013-5791)

A stack buffer overflow vulnerability exists in Oracle Outside-In, a set of libraries used to decode many file formats. The vulnerability is due to an error while processing Microsoft Access 1.x database files .mdb. This vulnerability can be exploited by causing an application that uses the...

1.5CVSS6.9AI score0.01901EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/12/26 12:0 a.m.•17 views

PHP OpenSSL Extension X.509 Certificate Memory Corruption (CVE-2013-6420)

A code execution vulnerability has been reported in PHP. The vulnerability is due to a memory corruption error when handling a malicious ASN.1 data type for a timestamp in an X.509 certificate. A remote attacker can exploit this flaw by sending a malicious certificate...

7.5CVSS9.6AI score0.35635EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/12/24 12:0 a.m.•31 views

WellinTech KingView ActiveX Control Heap Buffer Overflow Remote Code Execution (CVE-2011-3142)

A stack-based buffer overflow vulnerability has been reported in WellinTech KingView ActiveX control. The vulnerability is due to failure to perform adequate boundary checks on user-supplied input. A remote attacker can exploit this vulnerability by sending via a long second argument to the...

10CVSS6.7AI score0.381EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•0 views

Vtiger CRM Authenticated Remote Code Execution

A remote code execution vulnerability has been reported in VTiger CRM...

7.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•2 views

OpenLDAP rwm Overlay Denial of Service (CVE-2013-4449)

A denial of service vulnerability has been reported in OpenLDAP...

8.4AI score0.10913EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•0 views

Zabbix Multiple SQL Injections Information Disclosure

An SQL Injection vulnerability has been reported in Zabbix...

8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•5 views

GIMP XWD File Handling Heap Buffer Overflow (CVE-2013-1978)

A heap buffer overflow vulnerability leading to code execution has been reported in GNU Image Manipulation Program GIMP. The vulnerability is due to insufficient validation of certain fields while parsing XWD files. Remote attackers can exploit this vulnerability by enticing the target user to op...

6.8CVSS8.3AI score0.04191EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•4 views

IBM Platform Symphony SOAP Requests Processing Buffer Overflow (CVE-2013-5387)

A buffer overflow vulnerability has been reported in IBM Platform Symphony...

6.8AI score0.01483EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•14 views

Microsoft Access Memory Corruption (MS13-074; CVE-2013-3155)

A remote code execution vulnerability exists in Microsoft Access...

7.2AI score0.20184EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•15 views

Sybase Multiple Products Directory Traversal (CVE-2011-2474)

A directory traversal vulnerability has been reported in multiple Sybase products...

6.5AI score0.63612EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•11 views

Microsoft Internet Explorer runtimeStyle Handling Memory Corruption (MS13-080; CVE-2013-3882)

A memory corruption vulnerability exists in Microsoft Internet Explorer...

6.5AI score0.20135EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•14 views

HP SiteScope issueSiebelCmd SOAP Request Code Execution (CVE-2013-4835)

A command execution vulnerability has been found in HP SiteScope...

6.6AI score0.71003EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•6 views

Adobe Acrobat and Reader ToolButton Use After Free (APSB13-15; CVE-2013-3346)

A use after free vulnerability exists in Adobe Acrobat and Reader...

6.4AI score0.78581EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•19 views

HP Intelligent Management Center SOM euAccountSerivce Authentication Bypass (CVE-2013-4824)

An authentication bypass vulnerability exists in the SOM add-in module of HP Intelligent Management Center...

6.6AI score0.23927EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•12 views

Kingsoft Writer Font Names Buffer Overflow (CVE-2013-3934)

A code execution vulnerability has been reported in Kingsoft Writer. The vulnerability is due to an error while handling font names in WPS or Office word files. A remote attacker can exploit this vulnerability by enticing an unsuspecting user to download and process a malicious file with a...

9.3CVSS6.9AI score0.09751EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•14 views

Linux Kernel UDP UFO Large Packet Denial of Service (CVE-2013-4563)

A denial of service vulnerability exists in Linux Kernel with UDP Fragmentation Offload UFO enabled...

7.2AI score0.03899EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•16 views

Microsoft Access ACCDB File Memory Corruption (MS13-074; CVE-2013-3157)

A memory corruption vulnerability has been reported in Microsoft Access...

2.9AI score0.21506EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•32 views

Nodejs js-yaml load() Code Execution (CVE-2013-4660)

A JavaScript Code Execution vulnerability has been reported in Nodejs...

6.7AI score0.17186EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2013/12/22 12:0 a.m.•15 views

AdaptWeb Web Application SCADA SQL Injection (CVE-2009-2152)

An SQL Injection vulnerability has been reported in AdaptWeb 0.9.2. The vulnerability is due to improper validation of the CodigoDisciplina parameter passed to the application. A remote unauthenticated attacker could exploit this vulnerability by sending a request with a crafted CodigoDisciplina...

7.5CVSS7.5AI score0.00947EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/19 12:0 a.m.•1 views

ABB MicroSCADA Wserver Command Execution

A command execution vulnerability has been reported in ABB MicroSCADA. The vulnerability is due to insufficient user authentication by the wserver.exe program when accepting remote execution calls. A remote, unauthenticated attacker can exploit this vulnerability to execute arbitrary commands on...

8.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/11 12:0 a.m.•1 views

ANSSI Improperly Issued Digital Certificates HTTPS Spoofing

Several improperly issued CA certificates could be used in HTTPS spoofing attacks...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/11 12:0 a.m.•6 views

Microsoft Windows X.509 Certificate Validation Denial of Service (MS13-095; CVE-2013-3869)

A denial of service vulnerability exists in Microsoft Windows. The flaw is due to improper handling of specially crafted X.509 certificates during certificate validation. Successful exploitation could cause a denial of service condition where the web service becomes unresponsive.A remote attacker...

5CVSS6AI score0.17977EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/11 12:0 a.m.•3 views

ManageEngine DesktopCentral AgentLogUpload Arbitrary File Upload

A code execution vulnerability has been reported in ManageEngine DesktopCentral. The vulnerability is due to lack of authentication and insufficient input validation in the AgentLogUploadServlet.class when processing HTTP requests. A remote unauthenticated attacker can upload arbitrary files to...

8.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/11 12:0 a.m.•47 views

Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)

A command execution vulnerability exists in Apache Roller due to a lack of sanitization on OGNL expressions passed to certain methods. This can lead to OGNL injection which can result in remote code execution. A remote unauthenticated attacker could exploit this vulnerability by sending crafted...

6.8CVSS7.6AI score0.81068EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•0 views

Multiple OS Malicious Payload Remote Code Execution

A remote code execution vulnerability has been reported in multiple operating systems. A remote attacker can exploit this vulnerability by delivering malicious payload to the target machine. Successful exploitation would allow an attacker to execute code on the target...

8.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•3 views

Malicious Payload Encoding Remote Code Execution

Malicious payload can be encoded to circumvent security software. Successful exploitation could allow attackers to execute arbitrary code on the target...

6.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•0 views

PDF Containing Suspicious OpenAction

A remote code execution vulnerability has been reported in Adobe Acrobat and Reader when handling PDF files that contain plain JavaScript. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file...

3.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•10 views

Trimble Navigation SketchUp BMP File Code Execution (CVE-2013-3663)

A remote code execution vulnerability has been reported in Trimble Navigation's SketchUp...

7.4AI score0.31864EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•3 views

PDF Containing Suspicious JavaScript Code

A remote code execution vulnerability has been reported in Adobe Acrobat and Reader when handling PDF files that contain plain JavaScript. A remote attacker can exploit this vulnerability to execute arbitrary code on an affected system via a specially crafted PDF file...

8.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS13-097: CVE-2013-5049)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.1253EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•72 views

Microsoft Windows WinVerifyTrust Signature Validation Code Execution (MS13-098; CVE-2013-3900)

A remote code execution vulnerability has been reported in Microsoft Windows...

8.1AI score0.44647EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS13-097: CVE-2013-5052)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.5AI score0.1253EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•4 views

Preemptive Protection against Nginx Request URI Verification Security Bypass (CVE-2013-4547)

A security bypass vulnerability has been reported in Nginx...

9AI score0.67718EPSS
Exploits15
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•13 views

Microsoft Scripting Runtime Object Library Use-After-Free Code Execution (MS13-099; CVE-2013-5056)

A remote code execution vulnerability has been reported in the Microsoft Scripting Runtime Object Library...

6.9AI score0.20353EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS13-097: CVE-2013-5051)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.5AI score0.1253EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/12/10 12:0 a.m.•1 views

Microsoft Windows Win32 Shellcode Remote Code Execution

A remote code execution vulnerability has been reported in Microsoft Windows...

7.9AI score
Exploits0
Total number of security vulnerabilities13538